The internet is an integral part of modern communication. Yet it is also the source of many security issues of private information because of its widespread nature and availability. These security issues are associated partly to the inherent characteristics of the internet and to human error (Holden, 2003). The advancement of technology has allowed services and items to be delivered through the internet by collecting information. However, such information comes with a price. In exchange of convenience, consumers become targets to cybercrimes because of the information they provide (i.e. bank account information, address, and personal identity) (Sicari, 2013). Indeed, protecting privacy on the web becomes more intricate due to the considerable amount of sensitive information provided in many locations during internet browsing. While a third party collects and compiles data to build personal profiles of internet users to provide free and personalized services, perpetrators are lurking to gather these information without the user’s knowledge (Malandrino and Scarano, 2013). This paper presents some of the major internet security concerns and their potential solutions.
Threats on the Internet
As people link a computer to the Internet, they compromise the integrity of its boundaries, resulting to the computer losing its private status. Thus, one must consider the risks of exposing private data before deciding to gain any potential benefits out of connecting to the internet. The nature of data in a healthcare environment for instance is often highly sensitive. There is also the danger of home computers exposing data, such as banking details, when connected to the internet (Kelly and McKenzie, 2002). Hughes (2008) noted various categories of potential risk when using the internet. These potential risks include: hacking, phishing, Trojan horses, spyware, adware, or malware, tracking cookies, viruses, worms, and fake programs that present themselves to combat the aforementioned risks.
Computer hacking is defined as an illegal manner to crack computers or passing through security measures. The internet serves as a ground from which many hackers launch their attacks on personal computers. The IP address of Wireless Personal Area Network and Local Area Network allows such connection of constrained devices (i.e. sensor nodes with global Internet standardized IP protocol). Routers connect these networks with the internet and because of the nature of these devices they directly connect to untrusted internet sites which makes it possible for attackers to access resource constrained devices from anywhere on the internet (Raza, Wallgren and Voight, 2013). When the system is vulnerable hackers are able to direct attacks to a single computer. These hackers are able to identify the IP of the target computer and then gain access through a free port on the CPU. In so doing, these hackers can access private information such as credit card numbers for financial gains.
Phishing refers to the attempt of a third party to access login and password information for a specific website. Perpetrators set up false website which appears very convincing such that the users are attracted to enter their personal information. Phishing also targets “bank websites, pay-online web sites, and any website which require credit-card numbers.” Trojan Horses are destructive programs which download themselves onto the computer as a benign application. These programs can cause various damages to the computer to include: (1) remote access to computers eventually having complete control of the system; (2) “data sending”—where others use personal computers to obtain personal data such as credit card and social security numbers; (3) destruction of computer hard drive and data within it; (4) computer turning into a "proxy server" which set-up credit-card fraud; (4) remote connection of other to computer which allows downloads of the content of your hard drive (through FTP Trojan); (5) inactivation of security software such as firewall or security or anti-virus in the computer thereby allowing other Trojan programs or hackers to access personal information; and (6) denial-of-service attack where the virus attack an entire network system such that disabling the system will deny users to access their account (Hughes, 2008). Incidence of the latter virus damage has been reported by Brenner (2013). Since September 2012, security attacks on US banks have disrupted services and cost US banks to defend tens of millions of dollars. Forensic experts ascribed the attacks to Iran. Denial-of-service-attacks have been occurring ferociously in the country which might take the world financial systems down. Security officers are wary of the fact that attackers are being sponsored by a country with first-rate capacity.
The adware, also known as advertising-supported software are those pop-up ads or certain types of web advertisements that appear in web browsers. This software automatically plays, displays, or downloads advertising material after installation or while certain applications were open on the computer. Pop-up ads appearing on the computer proliferates which is related to the same subject matter that is being researching. Spyware covertly installs software on a computer at the same time that another piece of software is installed when visiting a webpage. From the root word “spy,” the aim of this software is to monitor user’s behavior on the computer, collect personal information, and interfere with the control of machine. Identity theft is one of the many threats of the spyware. Spyware can "repurpose" a computer for other services without the knowledge of the user. Malware has a similar objective to spyware, but has the goal of using one’s computer to be hostile, intrusive, or annoying on another computer. Malicious software damages one’s computer using the machine as a base (Hughes, 2008).
Viruses are the most popularly known form of intrusive attacks on computers. These viruses infect the host system (or server) of the computer. The damage continues as the host system contacts with others. Viruses travel through any type of file-transfer and travel easily through computer networks by attaching itself to the file or the program. As a consequence, the performance of the system decreases. Worms are a variety of viruses that are self-replicating. They do not to a computer file but have their own life which destroys the entire computer networks (Hughes, 2008).
Cookies convey information between a computer and a web site. They can be benign and sometimes helpful in saving preferences for a certain website but some tracking cookies can collect personal information. Tracking cookies refers to small, discrete files that download automatically when one hits a certain website while surfing. These small files gather information about: (1) the number of times a site is visited when users make purchases; (2) other similar pages one might read; (3) ads that were clicked on; and (4) information used to complete online forms (Hughes, 2008).
Combatting Security Threats
Wise internet surfing is probably the best solution to combat security threats on the internet. By this it means that one must be careful when visiting internet sites. When combined with technical insights one is able to avoid various system problems. The easiest way to prevent hackers from entering the system is by continuously updating operating system software with security patches. Further, information transmitted to and from the server should be encrypted with a strong signal. This would make it difficult for the intruder to retrieve the information obtained by illegal means ().
It is also important to check the URL (address) of the web page where personal information was inputted to guard against phishing. If the URL does not represent the company site being access, this means the user is in danger of being subject to a phishing operation. While there are web browsers phishing filters available it is very important to be attentive to website addresses when using the Internet.
For servers on the internet which are regularly targeted on denial of service attacks. The owners of websites should regularly scan the traffic to their websites and have ways of differentiating between legitimate and illegitimate information. This will ensure their clients have access to their website for 24 hour a day.
Computers installed in the internet may be infected with Trojans. Trojans are programs that disguise as legitimate programs to gain access to a user’s computer. Hackers use Trojans to scan for monitor emails, scan for instant messages or even monitor database communications. They are designed to compromise a computer without being detected by the owner. Users of the internet should install strong antiviruses in their computer to detect and quarantine items found to contain Trojans.
Users of the internet regularly go about their business in a state of anonymity. Most websites do not require for users to identify themselves. This means that there is a possibility for criminals to use the internet to facilitate their activities. One of the most common is the cyberbullying. This happens when people mistreat an individual especially in message boards or group chats. There also possibilities of pedophiles using the internet to lure their victims. To combat this security measure, designers of websites should make it compulsory for users to provide personal identifying information before being allowed to comment on their content. Parents should also utilize family safety features available on most operating systems.
Many sites require users to login before using their services. People have to create a unique password that grants them access to their personal account. Attackers sometimes target the passwords in to gain access to a user’s account. One of the methods regularly used by attackers is the brute force method. This entails running dictionary words and their combinations as the password in the hope that one of them will be the right password. This is possible in the modern internet age as there are powerful computers that can run millions of words in a short period. To protect oneself from such attacks, the user of the computer should create a powerful password containing letters, numbers, and symbols. This makes it impossible for the attackers to land on the right combination.